Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Nedklaw

Posted 07 December 2011 - 04:02 PM

Nedklaw

Trusted Helper

Malware Removal

1,652 posts

Hi. Please perform the following steps:

Click on the Start button.

Click on the Settings menu option.

Click on the Control Panel option.

When the Control Panel opens, double-click on the Network Connections icon. If your Control Panel is set to Category View, then double-click on Network and Internet Connections and then click on Network Connections at the bottom.

You will now see a list of available network connections. Locate the connection for your Wireless or Lan adapter and right-click on it.

You will now see a menu similar to the image below. Simply click on the Repair menu option.

Let the repair process perform its tasks and when it has finished, your Internet connection should be working again.

Alternatively, if your network icon also appears on the Windows taskbar, then you can repair it by right-clicking on the icon and selecting Repair as shown below.

SFAdad

Posted 07 December 2011 - 05:44 PM

SFAdad

Member

Topic Starter

Member

47 posts

Tried your suggestion but still not connectivity. When I click repair i get the following error.
"Windows could not finish repairing the problem because the following action could not be completed: Renewing your IP address."

SFAdad

Posted 10 December 2011 - 10:56 PM

SFAdad

Member

Topic Starter

Member

47 posts

My conectivity problem is fixed. I noticed that the DHCP client was not started even though it was set to automatic. When I tried to start it I received the error message "error 1075". I went to the Microsoft support page http://support.microsoft.com/kb/915162 for this error and followed their instructions and deleted the NetBt dependency from the registry.

Hopefully once you look over the OTL logs you can give my computer a clean bill of health.

Click the Quick Scan button. Post the log it produces in your next reply.

Step 2

Run Malwarebytes' Anti-Malware.

Update Malwarebytes' Anti-Malware.

Once the program has updated, select "Perform Quick Scan", then click Scan.

The scan may take some time to finish, so please be patient.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to restart. (See Extra Note).

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 3

Please run a free online scan with the ESET Online Scanner. Note: You will need to use Internet Explorer for this scan.

Tick the box next to YES, I accept the Terms of Use.

Click Start.

When asked, allow the ActiveX control to install.

Click Start.

Make sure that the options Remove found threats and the option Scan unwanted applications is checked.

Click Scan. (This scan can take several hours, so please be patient).

Once the scan is completed, you may close the window.

Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt.

Copy and paste that log as a reply to this topic.

Step 4

The minimum amount of RAM needed for Windows XP is 512MB but I recommend you have at least 1GB.

Nedklaw

Posted 14 December 2011 - 02:52 PM

First, re-enable any anti-virus/anti-malware programs we have disabled during the removal process!

Combofix Uninstall

Click START then RUN.Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.

Installing a Firewall

You have no firewall installed on your computer.

A firewall is necessary on your computer because it can stop attackers from compromising your system and taking over it. It acts as a barrier between the internet and your computer. Hackers discover new security holes in a software or operating system long before the software company does and therefore many people get hacked before a security patch is released. By using a firewall, the majority of these security holes will not be accessible as the firewall will block the attempt.

Note: A firewall does not completely protect you against viruses so it is recommended you also have an antivirus program running on your computer as well. Do not run more than 1 firewall on your computer at one time.

Cleanup

Run OTL.

Under the Custom Scans/Fixes box at the bottom, paste in the following:

Open OTL to run it. (Vista users, right click on OTL and "Run as administrator").

Close all other programs apart from OTL as this step will require a reboot.

On the OTL main screen, press the CLEANUP button.

Say Yes to the prompt and then allow the program to reboot your computer

Note: If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

Updates

Windows Update - This site is a Microsoft site that will scan your computer for any patches or updates that are missing from your computer. You should check this website regularly to keep windows up to date. This will ensure your computer has all of the latest security updates installed on your computer and is secure from any known security holes. Windows Updates are constantly being revised to combat the newest hacks and threats. It is best if you have these set to download automatically.

How to turn on Automatic Updates:

Click on Start.

Right-click My Computer.

Select Properties.

Click on the Automatic Updates Tab.

Place a checkmark in the circle next to Automatic (recommended) near the green shield.

Click Apply > OK.

Adobe Reader - Your version of Adobe Reader is outdated. It's important to keep Adobe Reader updated because many security problems are fixed with updates.

In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".

Next Click OK, then Apply button and then OK to exit the Internet Properties page.

Recommended Programs

Make sure you update your security programs regularly so they know about new infections so they can protect your computer against them.Here are a list of programs/tools that I like to recommend to users to reduce the risk of infection in the future:

Anti-Spyware Programs

MBAM - MalwareBytes Anti Malware is an excellent tool program to detect and get rid of malware. This program should be updated and run often.

SpywareBlaster - Prevents spyware from installing on your system and stops you from getting infected It protects against bad ActiveX and immunizes your PC against them.

SpywareGuard - Works as a Spyware "Shield" to protect your computer from getting malware in the first place. It offers realtime protection from spyware installation attempts. Note: Make sure you are only running one real-time anti-spyware protection program (eg: TeaTimer, Windows Defender) or there will be a conflict.

Alternate Browsers

Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up blocker (as an added benefit!) that I have ever seen. Hijackers like to attack Internet Explorer more than FireFox. If you are interested, Firefox may be downloaded from here.

WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:Green to go.Yellow for caution.Red to stop.WOT has an addon available for both Firefox and IE.

ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.

IE-SpyAd - Puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all. It prevents Cookies etc from downloading, from these websites, onto your computer.

MVPS Hosts File replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Its important to keep programs up to date so that malware doesn't exploit any old security flaws.

Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.